A collection of computers that are grouped together to optimize the performance of domain controllers. Sites are typically defined by geographical location and are connected to one another by slower wide area network (WAN) links.
At least one domain controller must be located at each site, thus ensuring that Active Directory runs at each site. Sites generally belong to one or more Internet Protocol (IP) subnets, and computers within a site are joined by high-speed networking connections.
You define sites to manage and reduce Active Directory logon and directory replication traffic on the network. For example, when a user tries to log on to a Microsoft Windows 2000–based network, authentication is automatically attempted first by domain controllers in the site where the user is located. To optimize logon and replication traffic, sites should be groupings of servers connected by local area network (LAN) or high-speed permanent WAN links. You can create sites to control which domain controllers a group of workstations will use for network logons.
Sites contain two types of Active Directory objects: servers and connections. These objects are used to configure Active Directory replication. You can schedule replication traffic between sites to occur at off-hours to reduce network congestion. Replication traffic within a site (intrasite replication) uses remote procedure calls (RPCs) with dynamically assigned port numbers. Replication between sites (intersite replication) can use either TCP/IP or Simple Mail Transfer Protocol (SMTP) messages.
The topology of each site is stored in Active Directory. A site can contain domain controllers from several domains, and domain controllers from a particular domain might be located in several different sites. You can create sites by using Active Directory Sites and Services, a snap-in for Microsoft Management Console (MMC). A default site is created the first time the Active Directory Installation Wizard is run to create the first (root) domain controller of your enterprise.
To create additional sites, take the following steps:
Sites are not part of the Domain Name System (DNS) namespace for an Active Directory implementation.
Try to limit the number of sites you use in your enterprise. Geographically separate locations of your company that do not need domain controllers should be part of larger sites instead of separate sites. There is no real advantage to defining multiple sites at a single physical location, and there are disadvantages to doing so. For example, if all domain controllers in one site become temporarily unavailable, workstations in that site will try to be authenticated from any other domain controller in the domain, even if the domain controller is in a remote site. Once a workstation finds a domain controller that responds to it, it will continue using that domain controller for all subsequent logons. This can cause unwanted WAN traffic because Windows 2000 does not keep track of which sites are “near” a given site in regard to network connectivity and speed.
Planning a site topology for your enterprise generally involves balancing efficient logon traffic against efficient replication traffic. Be sure to take into account the available bandwidth of physical network links between locations when you plan sites.
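The site-first logon and the fallback behaviour described above can be modelled in a few lines. This is an added illustration, not Microsoft code: the subnets, site names and DC names are constructed, the rule that the most specific subnet decides a client's site is an assumption, and picking the first name alphabetically stands in for "any other domain controller".

```python
import ipaddress

# Constructed sample topology: subnets, site names and DC names are assumptions.
SUBNETS = {"10.1.0.0/16": "HQ", "10.1.50.0/24": "HQ-Lab", "10.2.0.0/16": "Branch"}
DC_SITE = {"dc-hq-1": "HQ", "dc-lab-1": "HQ-Lab", "dc-br-1": "Branch"}


def site_for(client_ip, subnets=SUBNETS):
    """Map a client address to a site. Most specific subnet wins (assumption)."""
    ip = ipaddress.ip_address(client_ip)
    nets = [ipaddress.ip_network(s) for s in subnets]
    matches = [n for n in nets if ip in n]
    if not matches:
        return None  # address not covered by any site's subnets
    return subnets[str(max(matches, key=lambda n: n.prefixlen))]


class Workstation:
    def __init__(self, ip):
        self.site = site_for(ip)
        self.current_dc = None  # DC that answered the last logon

    def logon(self, reachable):
        """Pick a DC from the set `reachable`; return (dc, dc_site)."""
        if self.current_dc not in reachable:
            local = sorted(d for d in reachable if DC_SITE[d] == self.site)
            others = sorted(d for d in reachable if DC_SITE[d] != self.site)
            if not (local or others):
                raise RuntimeError("no domain controller reachable")
            # Own site first; otherwise any DC, with no notion of "near".
            self.current_dc = (local or others)[0]
        return self.current_dc, DC_SITE[self.current_dc]


def simulate(ip, outages):
    """Run one logon per entry in `outages` (each a set of DCs that are down)."""
    ws = Workstation(ip)
    return [ws.logon(set(DC_SITE) - down) for down in outages]


if __name__ == "__main__":
    # The lab DC is down for the second logon only, then comes back.
    for dc, site in simulate("10.1.50.7", [set(), {"dc-lab-1"}, set()]):
        print(dc, site)
```

In the sample run the workstation keeps authenticating against the Branch domain controller after its own site's domain controller returns, which is the unwanted WAN traffic the text warns about.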